My humble taughts and discovries on the path of Information Security

Bitmessage – Secure Email Communication

Encrypted Communication

Eric Snowden has revealed to the world how governments around the world, in particular the US government has access to most of internet data including all the major web email providers such as Google and Microsoft. The access to the information is obtained either through a backdoor installed in their system or by forcing them to reveal the information. Therefore we must assume that anything we do and say on the big wide internet can be viewed by someone whom we did not intend to share that information with. Which means, our privacy on the internet can be easily compromised unless we take some necessary steps. So how do users protect their privacy and communicate securely and privately on the internet?

There are a number of existing as well as upcoming technologies which have aimed at solving this issue. For example, one technology that has been around for quiet sometime is pretty good privacy (PGP) developed by Phil Zimmerman in the early 90s. It is a technology used to sign and encrypt files, emails, and whole disks.

Bitmessage is a new email communication program based on peer to peer technology using block chains. It does not centrally store messages but rather messages are processed on individual client computers. Therefore there is no central entity that can be hacked or made to provide its data to others.

Bitmessage

Below is information from the homepage of this project.

Bitmessage

Bitmessage is a P2P communications protocol used to send encrypted messages to another person or to many subscribers. It is decentralized and trustless, meaning that you need-not inherently trust any entities like root certificate authorities. It uses strong authentication which means that the sender of a message cannot be spoofed, and it aims to hide “non-content” data, like the sender and receiver of messages, from passive eavesdroppers like those running warrantless wiretapping programs. If Bitmessage is completely new to you, you may wish to start by reading the whitepaper.

Source code

You may view the Python source code on Github. Bitmessage requires PyQt and OpenSSL. Step-by-step instructions on how to run the source code on Linux, Windows, or OSX is available here.

Security audit needed

Bitmessage is in need of an independent audit to verify its security. If you are a researcher capable of reviewing the source code, please email the lead developer. You will be helping to create a great privacy option for people everywhere!